To begin, we will need to create our view and controller files as well as load the libraries we will be using. I will not be using a database for this tutorial but, rather an array containing the username and password of out user.

For the views, I created a view for the header, the footer, and the login form:

As you can see in the above code, I have already encrypted a password. To create an encrypted password from a string all you need to do is call encode() from the encryption class, like so:

echo $this->encrypt->encode( 'password' );

Building the Form

After setting up the files as described above, we now need to create the form so our users can login. I will be using the Form Helper that CodeIgniter provides us with instead of writing out the html. I will be creating this form inside the login_form.php view:

You probably noticed I am using PHP short tag syntax which, I prefer to use. If you choose not to use short tag syntax instead of writing this:

<?php echo form_input( 'user_name' ); ?>

you would write this:

<?php echo form_input( 'user_name' ); ?>

Whatever suits your coding style, stick to it and be consistent throughout your code. I have also added a check to see if the Flashdata ‘message’ has been set. I like to use flashdata for temporary messages because any flashdata vars set will only be available for the next server request, and are then deleted or cleared. I will be using this to notify the user of an incorrect password, on successful login, and if a user has not been found.

Submitting the Form

Now that we have our form created, we need to make it work! So, open up that controller and lets put some code in there.

The first thing we must do upon submitting a form is to validate the data. CodeIgniter’s Form Validation Class makes this really easy, all we have to do is set some rules:

The first parameter of $this->form_validation->set_rules() is the field name we set in html. The second parameter is what you would call the field in the error message (eg. The `username` field is a required field). The third parameter is the rule reference and defines what the field data should contain. We will not be doing anything special so, ‘required’ works for what we need to accomplish because all we need to check is if the field was filled in. I have also set the error message delimiters which again, is just personal preference. You can keep them as default or use different delimiters.

In order for us to validate the form we need to check to see if it has been submitted and then validate the form. If the form validates, we continue processing the submitted credentials if not, we display the error messages and the user can try to submit the form again.

If the form does not validate, $this->form_validation->run() will return FALSE and terminate the if-statement. The controller will then finish executing but, we still need to notify the user of any errors! When a form fails to validate, CodeIgniters Form Validation Class generates the error messages or messages and we can display them the way we choose on the view. CodeIgniter allows us to output these messages either in a block format (all messages in one place) or individually. I prefer to display them individually and right where the form element that had the error. To do that, we need to update out login_form.php view. We will be inserting the form_error() function which only needs one parameter; the name of our form element. We also will need to re-populate the form with the submitted data so the user can see what went wrong and also so the user does not have to re-type all the info back into the form. To do this, we will place the set_value() funtion inside the form_input() function

Now when a user submits a form with no information or with missing information, they will be denied access and informed about the error. They can then fix the errors and re-submit until they get it right.

Validating The User

Once the user has submitted a valid form we then need to check if the user is a valid user or not. If the user is a valid user, we will then continue processing if not, an error message will be displayed and the user will be returned to the login form. We will be displaying this error message using Flashdata.

Once the user has submitted credentials for a valid user, we will then check the submitted password against the stored password to see if they match we will allow the user to login and use the application. If the passwords do not match, we will display another message notifying the user of the error and then return the user back to the login form.

Well, there you have it. A simple and easy login form created using CodeIgniter. Even though I used an array to store user credentials, it would be really easy to modify the code for use with a database.